Semantic search

Jump to: navigation, search


I2P
The Invisible Internet Project (I2P) is a project to build, deploy, and maintain a network supporting secure and anonymous communication. People using I2P are in control of the tradeoffs between anonymity, reliability, bandwidth usage, and latency. There is no central point in the network on which pressure can be exerted to compromise the integrity, security, or anonymity of the system. The network supports dynamic reconfiguration in response to various attacks, and has been designed to make use of additional resources as they become available. Of course, all aspects of the network are open and freely available. Unlike many other anonymizing networks, I2P doesn't try to provide anonymity by hiding the originator of some communication and not the recipient, or the other way around. I2P is designed to allow peers using I2P to communicate with each other anonymously — both sender and recipient are unidentifiable to each other as well as to third parties. For example, today there are both in-I2P web sites (allowing anonymous publishing / hosting) as well as HTTP proxies to the normal web (allowing anonymous web browsing).
Ipfs
pleas add
Jami Heckert gnu.tiny.png,
GNU Jami (formerly SFLphone, GNU Ring) is a universal and distributed communication platform, implemented as free (libre) software, which respects the freedoms and privacy of users. Aimed at the general public as well as professionals, Jami provides all its users a universal communication tool, autonomous, libre, secure and built on a distributed architecture thus requiring no authority or central server to function. GNU Jami satisfies a high priority software goal of the Free Software Foundation, responding to the challenges of privacy on the Internet. Developed by Savoir-faire Linux, Jami takes advantage of an active development community thanks to the support of young Google Summer of Code developers as well as research partnerships with Polytechnique Montréal and the Université du Québec à Montréal.
Knocker
Knocker is a TCP security port scanner written in C, using threads. It can analyze hosts and the network services which are running on them. Both a console version and a GTK+ version are available.
Kontalk
Kontalk is a free software, secure and distributed instant messaging driven by the community. Kontalk protocol is based on XMPP with end-to-end encryption in both server-to-server and server-to-client. Kontalks is basically for phone, but it's also available for desktop now (GNU/Linux, Windows, and macOS).
Legibly Password Generator
generates 30 thirteen characters long passwords // used character groups: A-Z, a-z, 0-9, special: #+,.-;:_= // but without hardly distinguishable ones like l, 1, O, 0 // the output of each password is split up after four characters for a better readability // the first six characters contain at least one character of each group of characters, because some systems do not store larger passwords // every password starts with letters, because some systems cannot handle digits or special signs at the start // in one single password is no character more than ones // the randomness is large enough, that the passwords are very unique
Librecmc
libreCMC is an embedded GNU/Linux distro with the focus of providing a platform that is 100% free software and that does not contain non-free blobs. While libreCMC is currently a hard fork of the popular OpenWRT project, it uses a linux-libre kernel and does not contain non-free parts.
Libsafe
The exploitation of buffer overflow and format string vulnerabilities in process stacks are a significant portion of security attacks. 'libsafe' is based on a middleware software layer that intercepts all function calls made to library functions known to be vulnerable. A substitute version of the corresponding function implements the original function in a way that ensures that any buffer overflows are contained within the current stack frame, which prevents attackers from overwriting the return address and hijacking the control flow of a running program. The true benefit of using libsafe is protection against future attacks on programs not yet known to be vulnerable. The performance overhead of libsafe is negligible, it does not require changes to the OS, it works with existing binary programs, and it does not need access to the source code of defective programs, or recompilation or off-line processing of binaries.
Lynis
Lynis is an auditing and hardening tool for Unix-Like Operating Systems like GNU/Linux, BSD, Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
Maryam
OWASP Maryam is an Open-source intelligence(OSINT) and Web-based Footprinting modular framework based on the Recon-ng and written in Python. If you want Extracts Emails, Docs, Subdomains, Social networks from search engines Extracts Links, CSS and JS files, CDN links, Emails, Keywords from Web Source Find and Brute force DNS, TLD and important directs Crawl Web Pages and search your RegExp Identify WebApps, WAF, Interesting and important files Use Maryam
MasterPassword
Most password managers are password vaults: they let you store or generate a strong password for your services and then encrypt that key and store it for later retrieval. This approach presents many problems, in particular in the modern mobile age, that result in many frustrations: * Vault availability: If your vault is not available, you cannot use any of your services. * Added risk of identity loss: If you lose (eg. HDD failure/house fire) your vault, you instantly lose your entire online identity. * Force of law: Many countries have laws that require you to divulge the encryption key if a lawful search discovers your vault. Some password vaults implement features to try and address these issues, such as Internet sync, cloud-based vaults or backups and self-destructing vaults. These features all work around issues inherent to the solution and bring their own set of issues: * Network sync: Keeping data secure in transit is non-trivial and adds security risks. * Backups: Requires that you keep multiple locations secure from loss and theft, as well as the vault in transit. * Cloud-based services: Requires you to trust an external party and sacrifices transparency and freedom. * Defensive destruction: Reliability issues and again, risk total identity loss. Master Password is a completely different approach to passwords. The core issue that brings forth these problems is the vault used to store passwords. Master Password removes the vault from the solution by being a stateless solution, thus avoiding each of these issues. Master Password works by being an offline and stateless algorithm used to calculate your site passwords on-demand. Your passwords exist only as long as you need them and then disappear from disk and memory. Passwords are calculated based on a master password and the user's full name, combined with the name of the site. Calculation is based on strong, known and understood cryptographic hashes. Hash-based password generation is not new, but Master Password is a careful implementation that avoids many issues that other hash-based password managers suffer from. Cryptography is not easy and upon inspection, the security of most hash-based password generators completely falls apart. Master Password uses scrypt combined with hmac-sha256 and salting to prevent all known attack vectors.
Mod security
'Mod_security' is an intrusion detection and prevention module for Apache Web servers. Its purpose is to protect vulnerable applications by detecting and (optionally) rejecting attacks. In addition to request filtering (using regex), it can create Web application audit logs. Unlike other similar projects, Mod_security can analyse POST payloads.
MongooseIM
MongooseIM is aimed at large, complex enterprise level projects where real-time communication is critical for business success. It provides high availability, ease of deployment, development and reliability in production. The MongooseIM platform includes server-side components and client libraries. It has also contributed to open source third party XMPP libraries: Smack for Android and XMPP framework for iOS. Built around proven technologies XMPP/Jabber, it adds a simple client/server REST API for front-end and back-end integration.
NSBD
Not-So-Bad Distribution is an automated Web-based distribution system designed for distributing free software on the internet, where users cannot trust the network and cannot entirely trust the software maintainers. NSBD authenticates packages with GNU Privacy Guard (GnuPG) or "Pretty Good(Tm) Privacy" (PGP(Tm)) digital signatures so users can be assured that packages have not been tampered with, and it limits the maintainer to only update selected files and directories on the user's computer. NSBD's focus is on security, leaving as much control as is practical in the users' hands. NSBD handles automated updates by supplying a means of checking for updates to packages and automatically downloading and installing the updates. This "automated pull" style of distribution has the same effect as the "push" style of distribution, but gives more control to the user. A direct "push" style is also supported, which is especially appropriate for situations where there are multiple contributors to a shared server (for example, a shared web-page server). NSBD can "pull" directly over http or by using rsync to minimize network usage.
NetCube
NetCube (a.k.a. Jeff's version of The Spinning Cube of Potential Doom) is a python utility for visualizing network traffic in a 3d simulation. The x, y, and z axes correspond to the source IP address, the port number, and the destination IP address, respectively. This applies only to TCP and UDP traffic, of course, but that's the bulk of the traffic out there! Why bother? Well for one, visualization seems to help humans in identifying port scans and the like. See the original The Spinning Cube of Potential Doom page for more info.
NextTypes
NextTypes is a standards based information storage, processing and transmission system that integrates the characteristics of other systems such as databases, programming languages, communication protocols, file systems, document managers, operating systems, frameworks, file formats and hardware in a single tightly integrated system using a common data types system. NextTypes is a relational/network/objects/files hybrid database system with high level SQL interface, extensive primitive types list, JSON/JSON-LD/XML/Smile/WebDAV/CalDAV/iCalendar/RSS data access, REST interface, customizable MVC architecture, optimistic concurrency control, HTML5/CSS3/SVG/Javascript responsive graphical interface, multilanguage, UTF-8 encoding, syntax highlighting or WYSIWYG editors, robots.txt and sitemap management, text extraction/fulltext search, document management, virus scanning, DoS/SQL injection/CSRF/XSS protection, passwords/X.509 certificates authentication, logging and backup system.
OnionShare
What is OnionShare? OnionShare lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn't require setting up a server on the internet somewhere or using a third party filesharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet. The other user just needs to use Tor Browser to download the file from you. How to Use Open OnionShare, drag and drop files and folders you wish to share into it, and click Start Sharing. After a moment, it will show you a .onion URL. This is the secret URL that can be used to download the file you're sharing. Send this URL to the person you're sending the files to. If the files you're sending aren't secret, you can use normal means of sending the URL, like by emailing it, or sending it in a Facebook or Twitter private message. If you're sending secret files then it's important to send this URL securely. The person who is receiving the files doesn't need OnionShare. All they need is to open the URL you send them in Tor Browser to be able to download the file.\
OpenVPN
OpenVPN lets you to treat a collection of remote machines as though they are on the same network. The connections on this new, virtual network are secured by TLS/SSL. One machine acts as the network server, the others as clients. OpenVPN can also be a component in a TLS tunnel, where the client connects only to the OpenVPN server, which makes additional connections on the client's behalf.
Pica Pica Messenger
Pica Pica is a project aimed to create and support distributed decentralized secure instant messaging system. Pica Pica network consists of nodes and clients. Nodes are hosted by volunteers on their computers. Nodes connect to each other and exchange info about other nodes and online clients, transfer encrypted data between clients. All data transferred between clients is protected by end-to-end encryption using TLS 1.2 protocol. Users are identified by unique SHA224 hash of their certificate which is generated during account creation.
Pound
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests. Pound proxies HTTO _and HTTPS requests simultaneously. In addition, it knows about failed back-end servers and can redirect requests according to their availability. It can run as setuid/setgid and/or in a chroot jail. Pound does not access the hard-disk at all (except for reading the certificate file on start, if required, and the pid file) and should thus pose no security threat to any machine. It needs at least the configuration file (read-only) and, optionally, the HTTPS server certificate (read-only).

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.

Retrieved from "https://directory.fsf.org/wiki/Special:Ask"